Information Security News mailing list archives

DDoS attacks on major US banks are no Stuxnet -- here's why


From: InfoSec News <alerts () infosecnews org>
Date: Thu, 4 Oct 2012 01:10:48 -0500 (CDT)

http://arstechnica.com/security/2012/10/ddos-attacks-against-major-us-banks-no-stuxnet/

By Dan Goodin
Ars Technica
Oct 3, 2012

The attacks that recently disrupted website operations at Bank of America and at least five other major US banks used compromised Web servers to flood their targets with above-average amounts of Internet traffic, according to five experts from leading firms that worked to mitigate the attacks.

The distributed denial-of-service (DDoS) attacks -- which over the past two weeks also caused disruptions at JP Morgan Chase, Wells Fargo, US Bancorp, Citigroup, and PNC Bank -- were waged by hundreds of compromised servers. Some were hijacked to run a relatively new attack tool known as "itsoknoproblembro." When combined, the above-average bandwidth possessed by each server created peak floods exceeding 60 gigabits per second.

More unusually, the attacks also employed a rapidly changing array of methods to maximize the effects of this torrent of data. The uncommon ability of the attackers to simultaneously saturate routers, bank servers, and the applications they run -- and to then recalibrate their attack traffic depending on the results achieved -- had the effect of temporarily overwhelming the targets.

"It used to be DDoS attackers would try one method and they were kind of one-trick ponies," Matthew Prince, CEO and founder of CloudFlare, told Ars. "What these attacks appear to have shown is there are some attackers that have a full suite of DDoS methods, and they're trying all kinds of different things and continually shifting until they find something that works. It's still cavemen using clubs, but they have a whole toolbox full of different clubs they can use depending on what the situation calls for."

[...]

